This is the second of a two-part series exploring the tools that power modern platform engineering teams:
- Platform Engineering Tools: Essential Guide
- Platform Engineering Tools: Advanced Guide (this one)
As your platform engineering practice evolves, your team can begin to explore more specialized, domain-specific tools. In this post, we will cover the advanced tools for platform engineering.
We pick ArgoCD, Snyk, Temporal, Bytebase, and Cortex as the platform engineering advanced toolkit. They are categorized based on their strategic use cases:
- Unbundling GitHub: ArgoCD for continuous deployment, Snyk for software supply chain security.
- Tools designed for large teams: Temporal for workflow orchestration, Bytebase for database development workflow, Cortex for internal development portal.
ArgoCD - Continuous Deployment
If your infrastructure is on Kubernetes. ArgoCD will provide a Kubernetes-native, declarative GitOps approach to application deployment and management. It continuously monitors and syncs applications with the desired state defined in Git repositories, offering seamless integration with Kubernetes clusters. ArgoCD’s features, like easy rollbacks, multi-cluster management, and a visual UI for monitoring application health, make it well-suited for Kubernetes environments. For an enhanced ArgoCD experience, consider exploring Akuity, founded by the creator of ArgoCD.
Alternatives: Flux
Snyk - Software Supply Chain Security
While GitHub Advanced Security (GHAS) provides a solid foundation for platform engineering teams, it may not offer the breadth needed for more mature teams managing diverse tools and environments (e.g., CI/CD pipelines, containers, IaC).
Snyk is a dedicated security platform, offering broader coverage for dependency, container, and infrastructure security. It integrates seamlessly with a variety of platforms (GitHub in particular) and provides comprehensive security automation.
Snyk has its own dashboard and UI where you can manage security issues across various projects and repositories. It enhances collaboration between your platform engineering and security teams, providing a streamlined and efficient security experience.
Alternatives: aikido
Temporal - Workflow Orchestration
As your business scales, you'll find that new tasks keep emerging. Some are one-time operations, while others repeat. Some are simple steps, others involve multiple stages. Some are stateless, while others are stateful, requiring meticulous rollback management. What starts as a basic cron job can quickly evolve into a complex workflow platform. Uber faced this challenge, developed and open-sourced Cadence. However, their creators are not content and Temporal is born.
Temporal isn’t a lightweight solution—it’s built to handle intricate edge cases and scale. But trust me and many other high-profile Temporals customers, workflow orchestration is a minefield you’d rather not tap into. The next time your team talks about building a workflow engine, just send them a link to Temporal
Alternatives: None.
Bytebase - Database Development Workflow
Your developers and DBAs deserve more than just Jira for managing database tickets. Two Google engineers also noticed the mundane and error-prone process when they manage the Google Cloud database fleet and started Bytebase - a database DevSecOps platform, designed to streamline three key use cases:
- Database CI/CD (e.g., schema migrations)
- Ad-hoc changes (e.g., DML modifications)
- Query
Say goodbye to copying and pasting SQL statements between Slack and Jira, or scattering database credentials all over the places. Bytebase offers a centralized platform that consolidates everything, with access control, dynamic data masking, audit logs, and much more.
Alternatives: None.
Cortex - Internal Development Portal
As your platform scales, you'll inevitably add more services to your toolbox, and managing them effectively becomes crucial. It often begins with a wiki page, but static documentation can't deliver real-time context or insights. The smart engineers from Spotify figured it's a common enough problem and open-sourced Backstage (sound familiar?).While Backstage has done much to educate the market and raise awareness about the value of a centralized internal development portal, Cortex has emerged as a more refined and polished solution.
Alternatives: port
Summary
The tools mentioned above complement the essential platform engineering toolkit well. Many of them integrate seamlessly with the core tools, offering features like Terraform providers, Vault integration, and GitOps support. However, it's important to note that these advanced tools are best suited for more mature platform engineering teams. Keep in mind that the primary goal of platform engineering is to empower product engineering teams to deliver value to customers quickly—avoid the trap of over-engineering the platform.
